Cryptojacking: What eCommerce Retailers Need To Know

Cryptojacking is fast becoming the favored cash cow of online criminals. Bad actors can generate huge sums by infecting eCommerce stores and content management systems with malicious code that mines cryptocurrencies like Bitcoin, Monero and Litecoin. WordPress sites and WooCommerce stores are a common victim for cryptojacking attacks, which are often associated with other types of malware, including credit card skimmers.

Online criminals are focusing their attention on cryptojacking because it’s easier to manage and more lucrative than other types of malware attacks like ransomware. Cryptojacking attacks rose by 8500% in the last quarter of 2017 and made up almost a quarter of all online attacks blocked by Symantec in December.

Cryptojacking hurts eCommerce businesses and shoppers, so it is in the interest of retailers to understand what cryptojacking is and how cryptojacking malware infections occur.

What Is Cryptojacking?

Cryptocurrencies such as Bitcoin are created through a process called mining. Mining is computationally intensive and uses a lot of expensive CPU or GPU resources. Legitimate miners invest in high-powered, specialized equipment to do the work, but there is an alternative. Instead of using a few very powerful computers, mining can be distributed among hundreds or thousands of low-power machines, like the computers we have on our desktops and the phones we carry in our pockets.

Cryptojacking attacks take software written for distributed mining — which has legitimate uses — and repurposes it. Cryptomining software written in JavaScript is injected into eCommerce stores. When a shopper visits the store, their browser runs the malware and mines cryptocurrency which is ultimately sent to a wallet owned by the attacker. Cryptojacking consumes shopper’s power and computing resources without their permission.

How Are eCommerce Stores Infected With Cryptojacking Malware?

Cryptojacking malware is injected into an eCommerce site’s pages in the same way as other malware. The attacker has to find a weakness in the site’s security and exploit it to gain access to parts of the site that should be secure.

Brute force and dictionary attacks. If a store has weak passwords, an attacker can simply guess them. Automated botnets try to guess the passwords of hundreds of thousands of websites every day. If they can guess an admin password, they can install any malicious software they want. Two-factor authentication and complex passwords are the best defense against this type of attack.

Software vulnerabilities. Software often contains bugs that cause security vulnerabilities. When they are discovered by security researchers or developers, they are fixed with updates. Sites that aren’t regularly updated are likely to be vulnerable.

Infected Plugins and Themes. Plugins and themes downloaded from untrustworthy sources often contain backdoors and other malware, including cryptojacking malware. Be sure to get plugins and themes from reputable developers or official repositories, like the ones you find in the Lightspeed eCommerce App Store!

Cryptojacking malware is a growing problem, following the basic security precautions outlined in this article can help protect you against all but the most sophisticated and determined criminals